Recent e107 attacks

CaMer0n by CaMer0n in e107

Thanks to the logs presented by Jacl3, I believe I have found the source of the recent e107 hacks.

Thanks to the logs presented by Jacl3, I believe I have found the source of the recent e107 hacks.

There was a security hole in the e107_handlers/secure_img_render.php file in 0.615 and was pointed out to me by waraxe. The file was fixed and the update was included in the 0.616 release. The file in the 0.616 release should be secure.

I have updated the file again and added some more code to make it even more secure.

If you want to make sure you have the latest file, please download this file:
http://www.michelbrink.org/secure_img_render.zip

This file will work on 0.615 or 0.616, so anyone still using 0.615 should grab it and overwrite your existing file now.

FYI:
This exploit only works with register_globals being turned ON in PHP.


Sorry for any problems, and thanks again to Jacl3


Social Links